On March 22 2007, 3:59 pm, ueli heuer wrote: > On Thu, 22 Mar 2007 09:14:50 -0500 > Gary Bowling <[EMAIL PROTECTED]> wrote: >> I can understand that the server header is of importance as well as the >> email address of the client. But the internal/external address of the >> client machine seems pretty useless for the email piece. The actual >> server is going to log all that info, so it could be had easily enough >> for an admin who might be troubleshooting things. > > With that header in the mail, it would be a task of seconds ... Very true. With problem reports you just look at the headers and don't even need to login, su, cd, grep...
>> But it doesn't seem >> like the recipient needs to know that info. It actually seems as though >> the recipient could only use it for malicious activity and would have no >> legitimate use for it. > > Security by obscurity won't work > > This header can be used to trust the sender as he/she used some > authentication before he/she could send the mail. > > Just my opinion Well, a security issue might look like this: 1) someone is very annoying and disruptive on some chat 2) tell them to send me any email 3) aha, so your IP is 1.2.3.4 4) Let's do some nmap 5) So you are using windows 98, let's see this malformed packet blue screen attack 6) blue screen on w98 7) and when he comes back say: I can come to [INSERT CITY] and kick your behind hard. Using whois. Regards, Maciej
